PHP bb2_db_query函数代码示例

function bb2_log_denial($settings, $package, $key, $previous_key = false)
{
    if (!$settings['logging']) {
        return;
    }
    bb2_db_query(bb2_insert($settings, $package, $key));
}

function bb2_httpbl($settings, $package)
{
    // Can't use IPv6 addresses yet
    if (@is_ipv6($package['ip'])) {
        return false;
    }
    if (@(!$settings['httpbl_key'])) {
        return false;
    }
    // Workaround for "MySQL server has gone away"
    bb2_db_query("SET @@session.wait_timeout = 90");
    $find = implode('.', array_reverse(explode('.', $package['ip'])));
    $result = gethostbynamel($settings['httpbl_key'] . ".{$find}.dnsbl.httpbl.org.");
    if (!empty($result)) {
        $ip = explode('.', $result[0]);
        // Check if threat
        if ($ip[0] == 127 && $ip[3] & 7 && $ip[2] >= $settings['httpbl_threat'] && $ip[1] <= $settings['httpbl_maxage']) {
            return '2b021b1f';
        }
        // Check if search engine
        if ($ip[3] == 0) {
            return 1;
        }
    }
    return false;
}

function bb2_post($settings, $package)
{
    // Check blackhole lists for known spam/malicious activity
    require_once BB2_CORE . "/blackhole.inc.php";
    bb2_test($settings, $package, bb2_blackhole($package));
    // MovableType needs specialized screening
    if (stripos($package['headers_mixed']['User-Agent'], "MovableType") !== FALSE) {
        if (strcmp($package['headers_mixed']['Range'], "bytes=0-99999")) {
            return "7d12528e";
        }
    }
    // Trackbacks need special screening
    $request_entity = $package['request_entity'];
    if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
        require_once BB2_CORE . "/trackback.inc.php";
        return bb2_trackback($package);
    }
    // Catch a few completely broken spambots
    foreach ($request_entity as $key => $value) {
        $pos = strpos($key, "\tdocument.write");
        if ($pos !== FAlSE) {
            return "dfd9b1ad";
        }
    }
    // Screen by cookie/JavaScript form add
    if (isset($_COOKIE[BB2_COOKIE])) {
        $screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
    }
    if (isset($_POST[BB2_COOKIE])) {
        $screener2 = explode(" ", $_POST[BB2_COOKIE]);
    }
    $screener = max($screener1[0], $screener2[0]);
    if ($screener > 0) {
        // Posting too fast? 5 sec
        // FIXME: even 5 sec is too intrusive
        // if ($screener + 5 > time())
        //	return "408d7e72";
        // Posting too slow? 48 hr
        if ($screener + 172800 < time()) {
            return "b40c8ddc";
        }
        // Screen by IP address
        $ip = ip2long($package['ip']);
        $ip_screener = ip2long($screener[1]);
        //		FIXME: This is b0rked, but why?
        //		if ($ip && $ip_screener && abs($ip_screener - $ip) > 256)
        //			return "c1fa729b";
        // Screen for user agent changes
        // User connected previously with blank user agent
        $q = bb2_db_query("SELECT `ip` FROM " . $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip` = '" . $screener[1] . "') AND `user_agent` != '" . $package['user_agent'] . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)");
        // Damnit, too many ways for this to fail :(
        if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0) {
            return "799165c2";
        }
    }
    return false;
}

function bb2_housekeeping($settings, $package)
{
    // FIXME Yes, the interval's hard coded (again) for now.
    $query = "DELETE FROM `" . $settings['log_table'] . "` WHERE `date` < " . (bb2_db_date() - 60 * 60 * 24 * 7);
    bb2_db_query($query);
    // Waste a bunch more of the spammer's time, sometimes.
    if (rand(1, 1000) == 1) {
        sleep(10);
    }
}

function bb2_housekeeping($settings, $package)
{
    // FIXME Yes, the interval's hard coded (again) for now.
    $query = "DELETE FROM `" . $settings['log_table'] . "` WHERE `date` < DATE_SUB('" . bb2_db_date() . "', INTERVAL 7 DAY)";
    bb2_db_query($query);
    // Waste a bunch more of the spammer's time, sometimes.
    if (rand(1, 25) == 1) {
        $query = "OPTIMIZE TABLE `" . $settings['log_table'] . "`";
        bb2_db_query($query);
    }
}

function bb2_approved($settings, $package)
{
    // Dirk wanted this
    if (is_callable('bb2_approved_callback')) {
        bb2_approved_callback($settings, $package);
    }
    // Decide what to log on approved requests.
    if ($settings['verbose'] && $settings['logging'] || empty($package['user_agent'])) {
        bb2_db_query(bb2_insert($settings, $package, "00000000"));
    }
}

function bb2_blacklist($settings, $package)
{
    // Blacklisted user agents
    // These user agent strings occur at the beginning of the line.
    $bb2_spambots_0 = array("8484 Boston Project", "adwords", "autoemailspider", "blogsearchbot-martin", "BrowserEmulator/", "CherryPicker", "core-project/", "Diamond", "Digger", "ecollector", "EmailCollector", "Email Siphon", "EmailSiphon", "Forum Poster", "grub crawler", "HttpProxy", "Internet Explorer", "ISC Systems iRc", "Jakarta Commons", "Java 1.", "Java/1.", "libwww-perl", "LWP", "lwp", "Microsoft Internet Explorer/", "Microsoft URL", "Missigua", "MJ12bot/v1.0.8", "Morfeus", "Movable Type", "Mozilla/0", "Mozilla/1", "Mozilla/2", "Mozilla/3", "Mozilla/4.0(", "Mozilla/4.0+(compatible;+", "Mozilla/4.0 (Hydra)", "MSIE", "MVAClient", "Nessus", "NutchCVS", "Nutscrape/", "OmniExplorer", "Opera/9.64(", "PMAFind", "psycheclone", "PussyCat ", "PycURL", "Python-urllib", "revolt", "sqlmap/", "Super Happy Fun ", "TrackBack/", "user", "User Agent: ", "User-Agent: ", "w3af", "WebSite-X Suite", "Winnie Poh", "Wordpress", "\"");
    // These user agent strings occur anywhere within the line.
    $bb2_spambots = array("\r", "<sc", "; Widows ", "a href=", "Bad Behavior Test", "compatible ; MSIE", "compatible-", "DTS Agent", "Email Extractor", "Firebird/", "Gecko/2525", "grub-client", "hanzoweb", "Havij", "Indy Library", "Ming Mong", "MSIE 7.0;  Windows NT 5.2", "Murzillo compatible", ".NET CLR 1)", ".NET CLR1", "Netsparker", "Nikto/", "Perman Surfer", "POE-Component-Client", "Teh Forest Lobster", "Turing Machine", "Ubuntu/9.25", "unspecified.mail", "User-agent: ", "WebaltBot", "WISEbot", "WISEnutbot", "Win95", "Win98", "WinME", "Win 9x 4.90", "Windows 3", "Windows 95", "Windows 98", "Windows NT 4", "Windows NT;", "Windows NT 5.0;)", "Windows NT 5.1;)", "Windows XP 5", "WordPress/4.01", "Xedant Human Emulator", "ZmEu", "\\\\)", "Bot Banned");
    // These are regular expression matches.
    $bb2_spambots_regex = array("/^[A-Z]{10}\$/", "/[bcdfghjklmnpqrstvwxz ]{8,}/", "/MSIE [2345]/");
    // Blacklisted URL strings
    // These strings are considered case-insensitive.
    $bb2_spambots_url = array("0x31303235343830303536", "../", "..\\", "%60information_schema%60", "+%2F*%21", "+and+%", "+and+1%", "+and+if", "%27--", "%27--", "%27 --", "%27%23", "%27 %23", "benchmark%28", "insert+into+", "r3dm0v3", "select+1+from", "union+all+select", "union+select", "waitfor+delay+", "w00tw00t");
    $bb2_spambot_refer = array("gamesthelife.tr.gg");
    // Do not edit below this line.
    @($ua = $package['headers_mixed']['User-Agent']);
    @($uri = $package['request_uri']);
    @($refer = $package['Referer']);
    foreach ($bb2_spambots_0 as $spambot) {
        $pos = strpos($ua, $spambot);
        if ($pos !== FALSE && $pos == 0) {
            return "17f4e8c8";
        }
    }
    // custom check for known refers
    foreach ($bb2_spambot_refer as $spambot) {
        if (strpos($refer, $spambot) != FALSE) {
            return "174e8c9";
        }
    }
    foreach ($bb2_spambots as $spambot) {
        if (strpos($ua, $spambot) !== FALSE) {
            return "17f4e8c8";
        }
    }
    foreach ($bb2_spambots_regex as $spambot) {
        if (preg_match($spambot, $ua)) {
            return "17f4e8c8";
        }
    }
    foreach ($bb2_spambots_url as $spambot) {
        if (stripos($uri, $spambot) !== FALSE) {
            return "96c0bd29";
        }
    }
    // do our DB check here
    $ip = $package['ip'];
    $sql = "SELECT * FROM " . $settings['ban_table'] . " WHERE ip = INET_ATON('" . bb2_db_escape($ip) . "')";
    $result = bb2_db_query($sql);
    if (bb2_db_num_rows($result) > 0) {
        return "96c0bd30";
    }
    return FALSE;
}

function bb2_post($package)
{
    // MovableType needs specialized screening
    if (stripos($package['headers_mixed']['User-Agent'], "MovableType") !== FALSE) {
        if (strcmp($package['headers_mixed']['Range'], "bytes=0-99999")) {
            return "7d12528e";
        }
    }
    // Trackbacks need special screening
    $request_entity = $package['request_entity'];
    if (isset($request_entity['title']) && isset($request_entity['url']) && isset($request_entity['blog_name'])) {
        require_once BB2_CORE . "/trackback.inc.php";
        return bb2_trackback($package);
    }
    // Catch a few broken spambots
    if (isset($request_entity['	document.write(Math.round ('])) {
        return "dfd9b1ad";
    }
    // Screen by cookie/JavaScript form add
    if (isset($_COOKIE[BB2_COOKIE])) {
        $screener1 = explode(" ", $_COOKIE[BB2_COOKIE]);
    }
    if (isset($_POST[BB2_COOKIE])) {
        $screener2 = explode(" ", $_POST[BB2_COOKIE]);
    }
    $screener = max($screener[0], $screener2[0]);
    if ($screener > 0) {
        // Posting too fast? 5 sec
        // FIXME: even 5 sec is too intrusive
        // if ($screener + 5 > time())
        //	return "408d7e72";
        // Posting too slow? 48 hr
        if ($screener + 172800 < time()) {
            return "b40c8ddc";
        }
    }
    // Screen by IP address
    $ip = ip2long($package['ip']);
    $ip_screener = ip2long($screener[1]);
    //	FIXME: This is b0rked, but why?
    //	if ($ip && $ip_screener && abs($ip_screener - $ip) > 256)
    //		return "c1fa729b";
    return false;
    // Screen for user agent changes
    $q = bb2_db_query("SELECT COUNT(*) FROM " . $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip` = '" . $screener[1] . "') AND `http_headers` NOT LIKE '%User-Agent: %'");
    if ($q !== FALSE) {
        return "799165c2";
    }
    return false;
}

function bb2_install()
{
    $settings = bb2_read_settings();
    if (defined('BB2_NO_CREATE')) {
        return;
    }
    bb2_db_query(bb2_table_structure($settings['log_table']));
}

function bb2_install()
{
    $settings = bb2_read_settings();
    if ($settings['is_installed'] == false) {
        bb2_db_query(bb2_table_structure($settings['log_table']));
        $settings['is_installed'] = true;
        bb2_write_settings($settings);
    }
}

/**
 * Display Statistics (default off)
 * Enabling this option will return a string to add a blurb to your site footer
 * advertising Bad Behavior’s presence and the number of recently blocked requests.
 *
 * This option is not available or has no effect when logging is not in use.
 *
 * @param bool $force
 */
function bb2_insert_stats($force = false)
{
    global $txt;
    $settings = bb2_read_settings();
    if ($force || $settings['display_stats']) {
        // Get the blocked count for the last 7 days ... cache this as well
        if (($bb2_blocked = cache_get_data('bb2_blocked', 900)) === null) {
            $bb2_blocked = bb2_db_query('SELECT COUNT(*) FROM {db_prefix}log_badbehavior WHERE `valid` NOT LIKE \'00000000\'');
            cache_put_data('bb2_blocked', $bb2_blocked, 900);
        }
        if ($bb2_blocked !== false) {
            return sprintf($txt['badbehavior_blocked'], $bb2_blocked[0]['COUNT(*)']);
        }
    }
}

function bb2_insert_stats($force = false)
{
    global $bb2_result;
    $settings = bb2_read_settings();
    if ($force || $settings['display_stats']) {
        $blocked = bb2_db_query("SELECT COUNT(*) FROM " . $settings['log_table'] . " WHERE `key` NOT LIKE '00000000'");
        if ($blocked !== FALSE) {
            echo sprintf('<p><a href="http://bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
        }
    }
    if (@(!empty($bb2_result))) {
        echo sprintf("\n<!-- Bad Behavior result was %s! This request would have been blocked. -->\n", $bb2_result);
        unset($bb2_result);
    }
}

function bb2_log_denial($settings, $package, $key, $previous_key = false)
{
    bb2_db_query(bb2_insert($settings, $package, $key));
}

function bb2_install()
{
    $settings = bb2_read_settings();
    bb2_db_query(bb2_table_structure($settings['log_table']));
}

function bb2_insert_stats($force = false)
{
    global $bb_settings, $f3;
    if ($force || $bb_settings['display_stats']) {
        $blocked = bb2_db_query("SELECT COUNT(*) FROM " . $bb_settings['log_table'] . " WHERE `key` NOT LIKE '00000000'");
        if ($blocked !== FALSE) {
            $f3->set('bb2_stats', $blocked[0]["COUNT(*)"]);
        }
    }
}